1
0
Fork 0

use not hardcoded OIDC secret in jellyfin

This commit is contained in:
ibizaman 2023-12-17 23:07:53 -08:00 committed by Pierre Penninckx
parent 77e21eaceb
commit 533d95851b

View file

@ -372,12 +372,18 @@ in
{
id = cfg.oidcClientID;
description = "Jellyfin";
secretFile = config.sops.secrets."jellyfin/sso_secret".path;
secretFile = config.sops.secrets."authelia/jellyfin_sso_secret".path;
public = "false";
authorization_policy = "one_factor";
redirect_uris = [ "https://${cfg.subdomain}.${cfg.domain}/sso/OID/r/${cfg.oidcProvider}" ];
}
];
sops.secrets."authelia/jellyfin_sso_secret" = {
inherit (cfg) sopsFile;
key = "jellyfin/sso_secret";
mode = "0400";
owner = config.shb.authelia.autheliaUser;
};
# For backup